| Release | Version |
|---|---|
| stretch | 1.3.3-4 |
| buster | 1.3.6-1 |
| bullseye | 1.3.8-1 |
| bookworm | 1.3.8-1 |
| sid | 1.3.8-1 |
| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2017-1000071 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass i ... |
| Bug | Description |
|---|---|
| CVE-2014-4172 | A URL parameter injection vulnerability was found in the back-channel ... |
| CVE-2012-5583 | phpCAS before 1.3.2 does not verify that the server hostname matches a ... |
| DSA / DLA | Description |
|---|---|
| DSA-3017-1 | php-cas - security update |